$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft File: IWrR11qT4DeulPbJGJbS1YLY_1Q.mft (raw, json) Hash identifier: EcRam5YQPNSUfMzMVm/zJUi+mjG8Vp6nIk+NCXr8bjY= Subject key identifier: D0:62:06:47:68:55:D0:00:20:AA:2D:15:14:24:5A:AD:7D:4D:99:5A Authority key identifier: 21:6A:D1:D7:5A:93:E0:37:AE:94:F6:C9:18:96:D2:D5:82:D8:FF:54 Certificate issuer: /CN=A91FDDD1/serialNumber=216AD1D75A93E037AE94F6C91896D2D582D8FF54 Certificate serial: 0149 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IWrR11qT4DeulPbJGJbS1YLY_1Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft Manifest number: 013B Signing time: Sat 05 Apr 2025 03:51:04 +0000 Manifest this update: Sat 05 Apr 2025 03:51:03 +0000 Manifest next update: Sat 12 Apr 2025 03:51:03 +0000 Files and hashes: 1: IWrR11qT4DeulPbJGJbS1YLY_1Q.crl (hash: vwXo9Y0bTqsePpIlnogGFs3HDwkbVn7b0YY+KoBZPas=) 2: 838096CA3BD311EE84056461C4F9AE02.roa (hash: MRW+pxq2rIQWqz0eewlHDxgHTLGzIYysThVYJrp2BDc=) 3: 27DB37683BD211EE8094355FC4F9AE02.roa (hash: Fv5yzaRaYXm7EcaxJ9d0RT5up4myTdlO4UPvIXp3L88=) 4: 82C54A1E3BD311EE84056461C4F9AE02.roa (hash: mGJXgF/PKI9FEq/cPxsdqAyVl2gi74HVL2n1gwNWhDo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.crl rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IWrR11qT4DeulPbJGJbS1YLY_1Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 03:51:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 329 (0x149) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDDD1 Validity Not Before: Apr 5 03:51:03 2025 GMT Not After : Apr 12 03:51:03 2025 GMT Subject: CN=67f0a8a8-bbbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:77:be:b4:10:a3:e5:e8:23:9f:bc:b8:db:05: 42:7a:d4:02:0e:79:b2:58:68:7c:cb:6d:5c:9c:4d: 43:5e:92:23:7d:ab:7f:04:3d:49:53:01:02:c7:9e: f3:10:44:1f:54:81:70:55:0e:ed:c9:f8:b3:11:8d: 81:73:1f:f4:04:27:0a:04:70:47:5e:29:6f:ac:c0: 66:78:ee:c6:0c:b5:f8:95:6f:95:5c:b8:31:95:78: aa:45:1e:78:b0:1b:d2:b5:5f:bb:94:dc:3c:d5:db: 92:a2:1f:79:85:c8:57:41:b3:6a:81:e3:1b:47:ab: 42:1e:fe:5b:20:c7:f9:a7:53:2e:06:f2:72:98:65: df:c0:49:2c:70:dd:8f:7e:60:49:2c:42:36:0f:16: ef:72:99:43:e3:ce:50:bd:00:07:73:62:5b:bc:46: a1:1c:4b:df:5d:95:96:20:c9:c2:69:2a:73:f6:3c: 24:90:2a:f2:2b:fb:05:7c:67:79:13:0e:80:ae:3d: b1:ae:44:f5:6e:f3:48:ce:af:b3:00:c9:eb:ce:40: c8:1c:78:21:8e:e8:01:9f:e6:88:49:32:cb:9a:91: 2a:76:c1:ef:89:a3:dc:59:02:63:cd:63:ac:30:7b: cf:ff:0c:d2:41:13:d8:8f:f0:a8:cc:cf:c2:12:35: b5:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:62:06:47:68:55:D0:00:20:AA:2D:15:14:24:5A:AD:7D:4D:99:5A X509v3 Authority Key Identifier: keyid:21:6A:D1:D7:5A:93:E0:37:AE:94:F6:C9:18:96:D2:D5:82:D8:FF:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IWrR11qT4DeulPbJGJbS1YLY_1Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:fb:ff:46:f9:a6:62:cb:bc:8a:aa:19:2d:68:62:af:f1:f8: cb:a9:6e:1d:70:5f:9d:d3:56:10:d6:41:ce:11:19:de:f2:d4: 41:12:4f:70:37:df:6c:1b:81:d2:3f:ae:60:ad:38:60:c7:51: 74:d5:1c:7e:49:89:54:a9:7a:0b:88:94:48:79:33:3c:ac:21: 72:8a:44:b5:60:91:1c:cd:54:16:60:19:e6:a6:fd:03:17:fa: 6f:c5:4d:6e:a2:ae:36:cc:df:be:9d:aa:12:11:95:ff:eb:ec: 53:a1:ce:6d:bd:3a:75:d6:aa:0a:55:5c:2c:be:b8:f4:82:9d: 84:b3:b8:2f:13:79:5f:30:d3:3f:8c:9c:91:eb:90:ab:c2:07: b6:37:ac:44:91:d9:45:fe:87:e8:b4:b3:9d:92:e4:ed:02:97: ae:f6:cb:23:ff:f9:6c:95:c5:f1:c0:60:d6:7f:c0:d7:89:e0: 7c:93:98:61:4e:37:53:04:1e:7e:61:80:88:31:3d:bc:27:a0: 2d:22:7c:09:ae:a0:f6:13:96:44:0b:00:ab:b8:12:e7:c5:58: cf:92:e3:ba:1f:6e:7c:df:78:58:28:83:4d:8c:1b:db:a7:45: 57:af:4a:a2:f6:16:66:aa:61:d8:ec:38:8f:ff:3d:fe:b3:cc: fe:fd:c7:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRERDExMTAvBgNVBAUTKDIxNkFEMUQ3NUE5M0UwMzdBRTk0RjZDOTE4OTZEMkQ1 ODJEOEZGNTQwHhcNMjUwNDA1MDM1MTAzWhcNMjUwNDEyMDM1MTAzWjAYMRYwFAYD VQQDEw02N2YwYThhOC1iYmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsne+tBCj5egjn7y42wVCetQCDnmyWGh8y21cnE1DXpIjfat/BD1JUwECx57z EEQfVIFwVQ7tyfizEY2Bcx/0BCcKBHBHXilvrMBmeO7GDLX4lW+VXLgxlXiqRR54 sBvStV+7lNw81duSoh95hchXQbNqgeMbR6tCHv5bIMf5p1MuBvJymGXfwEkscN2P fmBJLEI2DxbvcplD485QvQAHc2JbvEahHEvfXZWWIMnCaSpz9jwkkCryK/sFfGd5 Ew6Arj2xrkT1bvNIzq+zAMnrzkDIHHghjugBn+aISTLLmpEqdsHviaPcWQJjzWOs MHvP/wzSQRPYj/CozM/CEjW1wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNBiBkdo VdAAIKotFRQkWq19TZlaMB8GA1UdIwQYMBaAFCFq0ddak+A3rpT2yRiW0tWC2P9U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREREMS82OEMxRDQ5NjNC RDAxMUVFOEJBQzM1MUFDNEY5QUUwMi9JV3JSMTFxVDREZXVsUGJKR0piUzFZTFlf MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lXclIxMXFUNERldWxQYkpHSmJTMVlMWV8xUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REREMS82OEMxRDQ5NjNCRDAxMUVFOEJBQzM1MUFDNEY5QUUwMi9JV3JSMTFxVDRE ZXVsUGJKR0piUzFZTFlfMVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBb+/9G+aZiy7yKqhktaGKv8fjLqW4dcF+d01YQ1kHOERne8tRBEk9w N99sG4HSP65grThgx1F01Rx+SYlUqXoLiJRIeTM8rCFyikS1YJEczVQWYBnmpv0D F/pvxU1uoq42zN++naoSEZX/6+xToc5tvTp11qoKVVwsvrj0gp2Es7gvE3lfMNM/ jJyR65Crwge2N6xEkdlF/ofotLOdkuTtApeu9ssj//lslcXxwGDWf8DXieB8k5hh TjdTBB5+YYCIMT28J6AtInwJrqD2E5ZECwCruBLnxVjPkuO6H25833hYKINNjBvb p0VXr0qi9hZmqmHY7DiP/z3+s8z+/ccx -----END CERTIFICATE-----Generated at Sun Apr 6 18:36:42 2025 by rpki-client